How to setup NAT or MIP on SRX series

I am the new member on this forum anyway, and so far i tried to learned how to configure it from basic.

Here i would like to show the current situation below:

We bought a old Juniper NS5GT from Juniper 5 years ago. This week we bought a Juniper SRX100 to replace the NS5GT.

We have a dedicated line 512kbps symmetrical provided by a local ISP and given 5 public addresses. Presently we are using the old Juniper NS5GT FireWall but it is going to be replaced by a new Juniper SRX100.

We want to configure the new Juniper SRX100 to perform the same tasks as the old Juniper NS5GT but found out that we cannot just copy the config file from old to new because the OS is different - the old is Netscreen, the new is JunOS.

We have configured the SRX100 following your Juniper tutorial but have encountered a problem with MIP while testing it online - mapping the private address of our servers to their respective public address does not work. Attached is the SRX100 config file which we have started with a basic config file trying to map our ftp server (private address 172.17.196) to the public address (121.58.190.133). Attached is also the old NS5GT config file. The FTP Server is connected at fe-0/0/3.0 on the trusted VLAN. of the SRX100. The public address of the SRX100 is 121.58.190.130 which is configured at fe-0/0/0.0. Static NAT and proxy ARP have been done for the ftp server as can be seen in the config file. The ftp server can connect to the internet from the trusted zone but the outside world cannot access the ftp server using ftp://ftp.fairfield.co.id. whereby ftp.fairfield.co.id is the name for the public address 121.58.190.133. When we ping 121.58.190.133 from the outside it seems to be alive but it is virtual because of the proxy ARP but we cannot ftp or telnet or remote desktop to the ftp server from the outside.

We have also 2 other servers (exchange server and bandwidthcontroller) to be MIP'ed but we need to get one server to work first before continuing with the other two.

Re: How to setup NAT or MIP on SRX series

I'd be more then happy to look at it, just the kind of fruit I can pick if you know what I mean

It does look like your FTP server is responding to internet requests though as mentioned above, perhaps upstream arp resolution was holding you down since you external addresses changed to that of your external interface when you went to the SRX?